package com.cskaoyan.config;

import com.cskaoyan.shiro.AdminRealm;
import com.cskaoyan.shiro.CustomAuthenticator;
import com.cskaoyan.shiro.CustomWebSessionManager;
import com.cskaoyan.shiro.WxRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;
import java.util.LinkedHashMap;

/**
 * @author: harveyliu
 * @description: 创建一个shiro的配置类
 * @time: 2021/7/11 11:18
 */
@Configuration
public class ShiroConfig {

    /*
     * ShiroFilterFactoryBean
     * */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        shiroFilterFactoryBean.setLoginUrl("/admin/auth/unauth");
        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

//        filterChainDefinitionMap.put("/__pageframe__/pages/ucenter/index/index", "anon");
        filterChainDefinitionMap.put("/admin/auth/login","anon");
        filterChainDefinitionMap.put("/admin/auth/logout","anon");
        filterChainDefinitionMap.put("/#/login?redirect=%2Fdashboard", "anon");

//        filterChainDefinitionMap.put("/admin/auth/info","anon");
        // 对微信的部分  先全部都可以来进行访问
        filterChainDefinitionMap.put("/wx/**","anon");
//        filterChainDefinitionMap.put("/index","anon");
//        filterChainDefinitionMap.put("/unauthc","anon");
        filterChainDefinitionMap.put("/**","authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);

        return shiroFilterFactoryBean;
    }


    /*
     * SecurityManager
     *
     * */
    @Bean
    public DefaultWebSecurityManager securityManager(AdminRealm adminRealm,
                                                     DefaultWebSessionManager sessionManager,
                                                     CustomAuthenticator authenticator){
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(adminRealm);
        defaultWebSecurityManager.setSessionManager(sessionManager);
        defaultWebSecurityManager.setAuthenticator(authenticator);
        return defaultWebSecurityManager;
    }

    /*
     * DefaultWebSessionManager
     * */
    @Bean
    public DefaultWebSessionManager sessionManager() {
        CustomWebSessionManager customWebSessionManager = new CustomWebSessionManager();
        // 设置session会话的过期时间
        customWebSessionManager.setGlobalSessionTimeout(1000 * 6000);
        return customWebSessionManager;
    }

    /*
     * AuthorizationAttributeSourceAdvisor
     * */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager defaultWebSecurityManager){
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(defaultWebSecurityManager);
        return authorizationAttributeSourceAdvisor;
    }

    @Bean
    public CustomAuthenticator authenticator(AdminRealm adminRealm, WxRealm wxRealm) {
        CustomAuthenticator customAuthenticator = new CustomAuthenticator();
        ArrayList<Realm> realms = new ArrayList<>();
        realms.add(adminRealm);
        realms.add(wxRealm);
        customAuthenticator.setRealms(realms);
        return customAuthenticator;
    }

}
